Pulse Connect Secure Zero-day Remote Code Execution Vulnerability

Release Date: 22 Apr 2021 5466 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

A vulnerability was identified in Pulse Connect Secure, a remote attacker could exploit this vulnerability to trigger remote code execution and security restriction bypass on the targeted system.

 

Note:

  • This vulnerability is reported to have been exploited in the wild.

[Updated 4-May-2021] Security update for Pulse Connect Secure has been released.

Impact

  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • Pulse Conncet Secure 9.0R3 and Higher

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Workaround:
Import the workaround xml file to mitigate the vulunbility, please visit the software vendor web-site for more details.

 

Use Pulse Connect Secure Integrity Tool to check the integrity of file systems, please visit the software vendor web-site for more details.

 

Vulnerability Identifier

Source

Related Link

Related Tags

Zero-dayRemote Code ExecutionVirtual Private Network (VPN)Security Restriction Bypass

Share with

Previous

IBM WebSphere Application Server Denial of Service Vulnerability

22 Apr 2021 4480 Views

Next

IBM WebSphere Application Server Remote Code Execution Vulnerability

23 Apr 2021 4734 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY